Tag: HTTP request

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk
News

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

It has been discovered that the WordPress plugin LiteSpeed Cache contains a security flaw that could allow unauthorized users to elevate their privileges. The issue, which was tracked as CVE-2023-40000, was fixed in version 5.7.0.1 released in October 2023. According to Patchstack researcher Rafie Muhammad, this plugin has an unauthenticated site-wide stored [cross-site scripting] vulnerability that could enable any unauthenticated user to steal sensitive data and use it to escalate privileges on the WordPress website with just one HTTP request. More than five million people have installed LiteSpeed Cache, a tool for enhancing website performance read more WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk. Get up to date on the latest cybersecurity news and...